Encryption
A form of cryptography, encryption is the process of encoding information so that it can only be accessed by an authorized party. Although encryption does not protect against interception, an unauthorized party would not be able to access the information. Plain text is encrypted using a key generated by an encryption algorithm, and the result can only be read once decrypted. While it is still possible to decrypt information without a key, modern encryption schemes provide an almost infinite number of combinations that would require massive amounts of computational power and skill to decipher.

Purpose

Encryption prevents a privacy breach by ensuring that only authorized parties can access certain sensitive information. When data is sent over a network, any unauthorized party that could be watching the network would be able to see traffic, but not the information that traffic contains. This is used for a wide variety of applications, from text messages to online banking information. Encryption plays a major role in the security of today's big data.

See: Data Privacy and Tracking

Types of Encryption

Symmetric Key

Symmetric key encryption requires both parties to have the same encryption key. First approved for use by computers in the 1970s, the Data Encryption Standard (DES) provides a 56-bit key for encrypting data. Although a 56-bit key can provide over 70 quadrillion different combinations, it does not take many resources for the computers of today to decipher it using brute force (the process of trying every combination). DES was soon replaced by the more sophisticated Advanced Encryption Standard (AES). AES uses 128-, 192-, or 256-bit keys that provide upwards of 300 decillion combinations.

Public Key

Public key encryption, also known as asymmetric key encryption, uses a public key that is accessible from any other computer that wants to establish a secure connection with the machine that originated the data.
The data is encrypted using a symmetric key, then encrypted with a public key, and then sent across the network. Anyone can use the public key to intercept the data, but if they lack the private key, they will not be able to decipher it. This system is extremely secure because it is based on very long prime numbers. Since there is an almost infinite number of prime numbers available, there is in turn an almost infinite number of key combinations.

Transport Layer Security (TLS)

Transport Layer Security, or TLS, is a protocol used by modern browsers when sending sensitive information across a network. One way to tell when this protocol is being used is when "http" in the URL is changed to "https." Also, most browsers display some kind of graphic near the URL to make it more apparent that a secure connection is established. TLS also makes use of certificate authorities. When a secure page is requested, TLS checks that the certificate comes from a trusted party, that it is valid, and that it is related to the site it is coming from. Once the certificate is verified, a random symmetric key is encrypted using a public key. Since generating public keys uses more resources, the public key is only used once, to encrypt the symmetric key; the symmetric key is then used for the duration of the secure session. When the session is terminated, the symmetric key is destroyed and a new one must be created for each subsequent session.

Hashing Algorithms

When creating a public key, a hashing algorithm is used. This algorithm generates a hash value, which is the result of some very large, manipulated input value. This is useful because it is almost impossible to discover the input value without knowing the data used to generate the hash value.
Simple Example

Input Value: 14,337
Algorithm: Input x 241
Hash Value: 3,455,217

Without knowing how the value of 3,455,217 was generated, it would be extremely difficult to come to the conclusion that it is the product of 14,337 and 241. However, knowing that the input value was multiplied by 241, it would be easy to arrive at the conclusion that 14,337 is the input value. Real hashing algorithms are exponentially more complicated; however, this is the basic idea.
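
The session-key exchange described under Transport Layer Security above, as an added Go example that is not part of the original page: the client wraps a random symmetric key with the server's public key once, and both sides then use that symmetric key for the session. The function names, the choice of RSA-OAEP with SHA-256 and AES-256-GCM, and the sample message are assumptions of this example; it mirrors the page's description rather than the actual TLS wire protocol.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

// NewServerKey makes a demo RSA key pair; a real server loads its long-lived key.
func NewServerKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// WrapSessionKey (client): pick a fresh random key and encrypt it with the public key.
func WrapSessionKey(pub *rsa.PublicKey) (key, wrapped []byte, err error) {
	key = make([]byte, 32)
	if _, err = rand.Read(key); err != nil {
		return nil, nil, err
	}
	wrapped, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, key, nil)
	return key, wrapped, err
}

// UnwrapSessionKey (server): only the holder of the private key recovers the session key.
func UnwrapSessionKey(priv *rsa.PrivateKey, wrapped []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, nil)
}

// SessionCipher builds the AES-GCM cipher both sides use for the rest of the session.
func SessionCipher(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // rejects keys that are not 16, 24 or 32 bytes
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func main() {
	priv, _ := NewServerKey()
	key, wrapped, _ := WrapSessionKey(&priv.PublicKey) // client side, public key used once
	serverKey, _ := UnwrapSessionKey(priv, wrapped)    // server side
	client, _ := SessionCipher(key)
	server, _ := SessionCipher(serverKey)
	nonce := make([]byte, client.NonceSize()) // must never repeat under one session key
	ct := client.Seal(nil, nonce, []byte("constructed sample message"), nil)
	pt, _ := server.Open(nil, nonce, ct, nil)
	println(len(wrapped), string(pt))
}
```

Only the 256-byte wrapped key and the ciphertext cross the network; an observer who holds just the public key cannot unwrap the session key, and GCM rejects ciphertext modified in transit.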